Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site to site connection fails

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Site to site connection fails Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site to site connection fails - 31.Jan.2005 3:00:00 PM   
fotzenfresse

 

Posts: 3
Joined: 17.Jan.2005
Status: offline 		Hello there!

We have been working with a LAN-to-LAN connection via VPN for quite a while. The VPN-connection is established between two LANCOM-Routers and is not controlled by ISA-Server.

Now we installed ISA 2004 on one side but not on the other side because we licensed only one copy.

On our side we use ISA 2004 on a computer with 2 nics. One of them is connected to our internal LAN and the other is connected to our router.

I created a new network object which includes the ip-range used at the other, the non-ISA, side and defined a network relation which tells ISA to route all traffic between the two LANs. Finally i created two allow-all-rules. One for each direction. And ofcourse I edited the system policy of the ISA Server to allow DNS etc. to the LAN on the other side.

Unfortunately nothing, not even a ping, works. I alywas get a denied connection but with no name of a rule responsible for denying the connection.

Can anyone please help?

Thanking you in advance.

Best Regards

Rene Pape
Post #: 1
RE: Site to site connection fails - 31.Jan.2005 4:54:00 PM   
juniora2s2004

 

Posts: 10
Joined: 6.Oct.2004
From: Brazil
Status: offline 		If you create a network object that is not associated with a network card it will be like a disconected interface.

If I have correctly understood all you have to do is add the address in the current internal interface and correct the rules you created.

If it doesn't work tell us, so we can help.

(in reply to fotzenfresse)
Post #: 2
RE: Site to site connection fails - 1.Feb.2005 4:17:00 PM   
fotzenfresse

 

Posts: 3
Joined: 17.Jan.2005
Status: offline 		Dear _Junior_!

Thank you for your answer.

Adding the ip-range from the non-ISA-side to our internal network is what i have done recently.

This workaround is ok but has some disadvantages. At first i can not exactly define what is allowed and what is forbidden because the source and the destination of the traffic is always "internal".
Second problem we experience is we can't access the network shares of all machines in remote LAN except for the domain controller which is running WIN 2K Server.

That is why i wanted to do it the other way!

Regards

Rene

(in reply to fotzenfresse)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Network Infrastructure >> Site to site connection fails Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts